Given the dependence on network devices such as firewalls, routers, switches and Intrusion Detection Systems (IDS) to maintain security, clients commonly request that these solutions are subject to further review, over and above that offered by an infrastructure penetration test. With direct access to these systems, our consultants can conduct a comprehensive review evaluating all aspects of the configuration that can impact security; how the firewall has been set up, the software versions in use and the modules that have been added. For firewalls and similar devices, the exercise can be extended to cover a review of the rule base. For solutions that provide alerting, blocking or filtering (IDS, IPS, application firewalls, etc.), Cryptum can conduct controlled testing to evaluate the effectiveness of these systems. The type of testing covers the fundamental abilities of the system, the configuration that has been applied and how security staff interpret and respond to alerts. Whilst designed for live networks, this type of testing is equally applicable to systems under evaluation.
A Network device testing will give IT management a clear understanding as to whether the current design, architecture and network performance is meeting business requirements and needs.
Network device testing will provide sound recommendations on how to overcome network issues and present a clear plan for moving forward.
Ensures device configurations conform to industry best practices.
Provides assurances that critical access control mechanisms are in place, aligned with prevailing good practice, and operating as intended.
Provides a measure of assurance that those systems and applications that are reliant upon the devices are secured in accordance with their expectation.
Above all, your company will benefit from having a recorded, in-depth analysis of the existing network infrastructure for future reference.
If your business runs a Virtual Private Network (VPN) to allow remote users to connect to the network, there is a risk that outside threats could use it as an entry point into your internal network. Virtual Private Network (VPN) assessments provide an assurance of the integrity and confidentiality of a network, implied by their presence and use. It is imperative that confidence in the security infrastructure is not impaired by an extension of the trust boundaries outside the organisation’s physical perimeter. In a VPN implementation, remote systems are provided with a secure route for internal network access. Potentially, such access is obtained from physically insecure locations. This network presence; coupled with potential flaws in authentication mechanisms, implementation framework or configuration state; could result in the compromise of network boundaries from an external VPN endpoint. Such a compromise may lead to the VPN becoming a conduit for an attack on the organisation’s internal network infrastructure.
• To identify firewall configuration vulnerabilities, determines if there are any vulnerabilities inherent in the network devices and highlights general issues with the architecture.
• To verify the security of both, your SL based VPN and your IPsec based VPN.
• To verify that you have end-to-end security and not just an encrypted tunnel.
• Prevent hackers from using your VPN as a tunnel to your internal network.
• To verify the security of both, your SSL based VPN and your IPSec based VPN.
The convergence of voice, data, and video, provides organisations with welcome cost savings. The robustness of the telephony system in isolation is a significant concern; there are a range of threats to the confidentiality, availability and integrity of the telephony system and testing evaluates all of these. Testing typically includes reviewing handsets, soft-phones, the telephony servers and a range of network layer activities to fully understand whether the telephony system can be considered secure and reliable. The need to segregate voice services from the traditional corporate network is well publicised and this is the second area of attention. The method of segregation (commonly VLANs) will be subject to review, as will any servers that bridge both data and voice networks to ensure that they are capable of maintaining the required level of segregation. The type of testing conducted will be dictated by the nature of the solution and in addition to telephony specific skills, tests may include elements of wireless testing, infrastructure penetration testing, application testing, build reviews, remote access testing and more. The mission critical nature of voice services is not lost on Cryptum and neither are the challenges of the multipartite ownership of voice services. Cryptum will work with all parties to develop a test plan that meets the needs of all involved, which can include out of hours testing where appropriate.
• Address government and industry regulatory compliance requirements.
• Discover Telephony network vulnerabilities and risks to your business systems.
• Validate the effectiveness of current security safeguards.
• Identify remediation steps to help prevent network compromise.
The Firewall Assessment covers a comprehensive review of all aspects of a firewall configuration, not just the Firewall rules. A firewall is a keystone part of the network defence; it is critical to ensure that they are securely configured and that the rule-base is free of infinite loops or duplicate/unused entries.
The Firewall Assessment, (depending on the device functionality), will include an examination of:
• Firewall rules
• Firewall build
• Insecure rules with any to any instances
• Overly permissive rules that enable too great a degree of access between hosts via various protocols
• Insecure configuration of VPN’s, radius or other key services
• Insecure device configurations
• Insecure admin access configurations
• Inadequate or no logging
• Insecure encryption methods
• Duplicate or unused rules
Please find below a graphical representation of our internal methodology when performing a web application assessment.
Configuration and implementation problems can lead to unauthorised access to sensitive information or networks; often without the intruder even setting foot inside a building. Therefore, wireless networks require close monitoring and periodic assessments to mitigate the exposure to security threats. The purpose of a wireless assessment is to interrogate a wireless infrastructure, and to provide assurance that it cannot be used to compromise the integrity and confidentiality of an organisations network or data. In most cases the footprint of a wireless network will extend beyond the desired area. This effectively extends the network boundary beyond the physical boundary of private premises and into public space. The majority of mobile devices supplied today have wireless connectivity hardware enabled by default. An attacker can use such a wireless interface as a beachhead for further attacks into the wired corporate network infrastructure. Whilst attacks against wireless networks have received less media attention of late, the attack vectors that gained notoriety throughout the last decade remain present and demand attention. Cryptum’ approach provides options for testing the full range of threats to a corporate wireless network, including authentication, encryption, segregation of guest and corporate services, the ability to compromise wireless clients and wireless denial of service testing.
• To execute a real-world attack on infrastructure and understand the level of risk that exists at a single moment in time.
• To better identify and validate all security vulnerabilities associated with your Internet-facing environment.
• To understand the level of risk for your organization compared to similar companies.
Powered by JEMSLAB